std::string OktaCredentialsProvider::GetSAMLAssertion()

in src/authentication/okta/okta.cc [26:62]


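// Fetches the Okta sign-in page with a session token and extracts the SAML
// assertion from the returned HTML.
//
// err_info: out-parameter; written only when the HTTP request returns a
//           non-OK status. The "no session token" and "no SAML response"
//           paths leave it untouched.
//           NOTE(review): callers cannot tell those two failures apart from
//           err_info alone - confirm whether that is intended.
// Returns the matched assertion passed through HtmlUtil::EscapeHtmlEntity,
// or an empty string on any failure.
std::string OktaCredentialsProvider::GetSAMLAssertion(std::string& err_info) {
    std::string url = get_signin_page_url();
    // Logged before the token is appended, so the log line carries no secret.
    LOG(INFO) << "OKTA Sign In URL w/o Session Token: " << url;

    const std::string session_token = get_session_token();
    if (session_token.empty()) {
        LOG(WARNING) << "No session token generated for SAML request";
        return "";
    }
    // From here on `url` embeds the session token and must not be logged.
    url += session_token;

    std::shared_ptr<Aws::Http::HttpRequest> req = Aws::Http::CreateHttpRequest(
        url, Aws::Http::HttpMethod::HTTP_GET, Aws::Utils::Stream::DefaultResponseStreamFactoryMethod);
    std::shared_ptr<Aws::Http::HttpResponse> response = http_client->MakeRequest(req);

    if (response->GetResponseCode() != Aws::Http::HttpResponseCode::OK) {
        LOG(WARNING) << "OKTA request returned bad HTTP response code: " << response->GetResponseCode();
        err_info = "Okta signOnPageRequest failed.";
        if (response->HasClientError()) {
            err_info += "Client error: '" + response->GetClientErrorMessage() + "'.";
        }
        return "";
    }

    // Read the whole response stream into memory for the regex search.
    const std::string body{std::istreambuf_iterator<char>(response->GetResponseBody().rdbuf()),
                           std::istreambuf_iterator<char>()};
    // The body is the page the SAML assertion is extracted from, so its
    // contents are credential material. Log only its size, never the text,
    // even at debug level.
    DLOG(INFO) << "Sign-in response body received: " << body.size() << " bytes";

    std::smatch matches;
    if (std::regex_search(body, matches, std::regex(SAML_RESPONSE_PATTERN))) {
        // Capture group 1 of SAML_RESPONSE_PATTERN holds the assertion value.
        // NOTE(review): presumably EscapeHtmlEntity normalises HTML entities
        // in the form value - confirm against HtmlUtil.
        return HtmlUtil::EscapeHtmlEntity(matches.str(1));
    }
    LOG(WARNING) << "No SAML response found in response";
    return "";
}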